Information gathering and an introduction to Medusa - 9.26

Banner information collection:
Banner information is the welcome message a service sends when you connect. From the banner you can obtain the software developer, software name, version, and service information; with some of this information, a tool can directly use the corresponding exp (exploit) to attack.
Prerequisites: a connection to the target must be established; the banner can only be obtained once a connection exists. The banner on the target server can be hidden or blocked from being read.
Collection methods:
1. nc (netcat, the "Swiss Army knife")
    nc -nv 192.168.111.10 21
    -n - use numeric IP addresses only
    -v - show details (verbose output)
2. dmitry (a server scanning tool; its scan mode is based on full connections)
    dmitry -pb 192.168.16.1
3. nmap
    nmap -sT -p1-200 --script=banner 10.10.10.1
    -sT - use a TCP-based scan
    -p1-200 - scan ports 1-200
    --script=banner - run the banner script
4. amap
    amap -B <IP address> 1-200
    -B - retrieve banner information; 1-200 is the port range
5. The Wappalyzer plug-in for the Firefox browser: analyzes the target site's platform architecture, site environment, server configuration, programming languages, and so on.
6. A packet capture tool: capture the response packet of a connection; the server information can be seen in the response packet.
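
The banner check from the defender's side, as an added example that is not part of the original notes: it reads a service's first line the way nc does and reports whether the banner discloses a product version that should be hidden. The sample banners, the version regular expression, and the function names are constructed for illustration.

```python
import re
import socket

# Constructed sample banners for illustration (not captured from real hosts).
SAMPLE_BANNERS = {
    21: "220 (vsFTPd 3.0.3)",
    22: "SSH-2.0-OpenSSH_7.4",
    25: "220 mail.example.test ESMTP",
}

# Assumed heuristic: a product name, a separator, then a dotted version,
# e.g. "vsFTPd 3.0.3", "OpenSSH_7.4", "Apache/2.4.6". "-" is not a separator,
# so the protocol version in "SSH-2.0" is not reported.
VERSION_RE = re.compile(r"([A-Za-z][A-Za-z-]+)[ _/]v?(\d+(?:\.\d+)+[A-Za-z0-9]*)")

def grab_banner(host, port, timeout=3.0):
    """Connect as `nc -nv host port` does; return the first line sent, or ""."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            data = sock.recv(1024)
    except OSError:  # refused, unreachable, or nothing sent before the timeout
        return ""
    return data.decode("latin-1").splitlines()[0].strip() if data else ""

def leaked_version(banner):
    """Return (product, version) if the banner discloses one, else None."""
    match = VERSION_RE.search(banner)
    return (match.group(1), match.group(2)) if match else None

def audit(banners):
    """Map each port in {port: banner} to a finding string."""
    findings = {}
    for port, banner in sorted(banners.items()):
        hit = leaked_version(banner)
        if hit:
            findings[port] = "discloses %s %s" % hit
        elif banner:
            findings[port] = "banner present, no version"
        else:
            findings[port] = "no banner"
    return findings

if __name__ == "__main__":
    # For a host you administer: audit({p: grab_banner(ip, p) for p in ports})
    for port, finding in audit(SAMPLE_BANNERS).items():
        print(port, finding)
```

Ports reported as "discloses ..." are the ones where the banner should be hidden or trimmed in the service configuration.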
 
Medusa (medusa) is open source and supports a wide variety of services: FTP, SSH, MSSQL, MySQL, SNMP, and so on.
It is built into Kali.
medusa [-h host|-H file] [-u username|-U file] [-p password|-P file] -M module [OPT]
-h - IP of the host to brute-force
-H - file containing a collection of IPs
-u - user name
-U - user name dictionary
-p - single password
-P - password dictionary
-C - combination entry file
-M - module
-O - output file
-e - n (blank password), s (password the same as the user name)
-n - use the specified port, e.g. -n 23
-t - threads
-f - stop once a correct account and password are found
-r - retry interval
e.g.: medusa -h 127.0.0.1 -u admin -P top1000_user.txt -e ns -n 21 -f -M ftp -r 0 -O ./result_ftp.txt

Origin www.cnblogs.com/yyhfirstblog/p/11600798.html